RHEL 4 : firefox (RHSA-2005:176)

The remote Redhat Enterprise Linux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2005:176 advisory. Mozilla Firefox is an open source Web browser. A bug was found in the Firefox string handling functions. If a malicious website is able to...

RHEL 4 : kernel (RHSA-2005:092)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:092 advisory. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for several security issues: iSEC Security...

[Full-Disclosure] Advisory: SQL-Injection in CitrusDB

Advisory: SQL-Injection in CitrusDB A group of students at our lab called RedTeam found an SQL-Injection vulnerability in CitrusDB. Details ======= Product: CitrusDB Affected Version: 0.3.6 verified, probably = 0.3.5, too Immune Version: none OS affected: all Security-Risk: low Remote-Exploit: no...

Veritas Backup Exec Agent 8.x/9.x - Browser Overflow

/ Got to give it to class101 on this one. Tested and penetrated. / str0ke / / VERITAS Backup Exec v9.1.4691.SP1 v9.1.4691.SP0 v8.5.3572 Agent Browser Service, Remote Stack Overflow Highly Critical All credits to: -iDEFENSEdiscovery-www.iDEFENSE.com, -Thor Doomeniat-syscallatinbox.lv, -H.D...

Webmin 1.5 - Web Brute Force (CGI)

Webmin 1.5 - Web Brute Force CGI !/usr/bin/perl use CGI qw:standard; use IO::Socket; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $host = $CGI-param"host"; $wlist = $CGI-param"wlist"; $cmd = $CGI-param"cmd"; print $CGI-header-type='text/html',-charset='windows-1254'; print...

Norton AntiVirus 2005 - Remote Stack Overflow

Norton AntiVirus 2005 - Remote Stack Overflow...

Microsoft Internet Explorer - Remote Code Execution

CMDExe - Windows Exploit - Remote code execution with parameters - Proof of ConceptMore info about this exploit can be found at hhttp://freehost19.websamba.com/shreddersub7/expl-discuss.htm. © 2004 ShredderSub7 function DisplayLocStrings Title.innerHTML = TAGSYSCONFIG; ConfigLink.innerHTML =...

Ricoh Aficio 450455 PCL 5e Printer - ICMP Denial of Service

Ricoh Aficio 450455 PCL 5e Printer - ICMP Denial of Service / RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability Exploit. DATE: 12.15.2004 Vuln Advisory : Hongzhen Zhou Exploit Writer : x90cKyong [email protected]/jyj9782 Testing -----------------------------------------------...

Apache 2.0.52 Multiple Space Header Denial of Service Exploit (v2)

Exploit for unknown platform in category dos / poc ================================================================== Apache 2.0.52 Multiple Space Header Denial of Service Exploit v2 ================================================================== / Apache Squ1rt, Denial of Service Proof of...

Multiple Browsers - Tabbed Browsing

Test Your Browser Open the link below in a new tab, then try to type data into form fields on the CitiBank website. Open this Link in New Tab Result: Keystrokes you pressed on the CitiBank website. /textarea // milw0rm.com 2004-10-22...

linux/x86 execve /bin/sh encrypted 58 bytes

No description provided by source. / !!!!!! PRIVATE !!!!!!! // ANTI-IDS SHELLCODE // // !!!!!!!!!!!!!!!!!! // [email protected] 0x1d abril 0x7d2 ./test.c !!! Shellcode execve sh Encriptada !!! AHORA EN 58 BYTES !!!!!!!!!!!!!! Notese que la encripcion se ha hecho a toda la shellcode y no...

Possible root compromose with bsdmainutils 6.0.x < 6.0.15 (Debian testing/unstable)

Possible root compromise with calendar bsdmainutils 6.0.x 6.0.15 -------------------------------------------------------------------- Introduction ------------ The calendar utility is a handy little tool that informs you about upcoming events. Each user can define his/her own calendar events. In...

ImageMagick -- BMP decoder buffer overflow

Marcus Meissner discovered that ImageMagick's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability...

[EXPL] BlackJumboDog Remote Buffer Overflow Exploit Code

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

MS Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)

Exploit for unknown platform in category local exploits ================================================================ MS Windows XP Task Scheduler .job Universal Exploit MS04-022 ================================================================ / HOD-ms04022-task-expl.c: MS04-022 Microsoft...

LBEhelpdesk.txt

LBE Web HelpDesk SQL Injection Summary Leigh Business Enterprises's Web HelpDesk is "operated entirely through your web browser and is designed to be used by both your support staff and your customers". We found the product to contain at least one exploitable SQL Injection vulnerability that woul...

Fedora Core 2 : kernel-2.6.6-1.427 (2004-137)

An updated kernel is available that brings the kernel to the 2.6.7-rc3 base level. This new kernel provides a significant number of bug fixes and improvements for USB, the keyboard/mouse subsystem and the VM. This kernel also fixes the high profile bugs about not working on VIA C3 processors 1206...

Flash FTP Server - Directory Traversal

TestCode: C:\ftp localhost Connected to server. 220 Flash FTP Server v2.1 ready... User server:none: CoolICE 331 Password required for CoolICE. Password: 230 User CoolICE logged in. ftp get /winnt/system.ini 200 Port command successful. 150 Opening data connection for /winnt/system.ini. 226 File...

Drcat 0.5.0-beta (drcatd) Remote Root Exploit

Exploit for linux platform in category remote exploits ============================================= Drcat 0.5.0-beta drcatd Remote Root Exploit ============================================= / Proof of Concept DRCATD Remote exploit by Taif Test: email protected drcat ./drcat -d 127.0.0.1 -u taif ...

MySQL 4.15.0 - Zero-Length Password Authentication Bypass

MySQL 4.15.0 - Zero-Length Password Authentication Bypass !/usr/bin/perl The script connects to MySQL and attempts to log in using a zero-length password Based on the vuln found by NGSSecurity The following Perl script can be used to test your version of MySQL. It will display the login packet se...